Opacity Enforcement via Attribute-Based Edit Functions in the Presence of an Intended Receiver

The enforcement of opacity, a security property concerning information-flow, has been investigated using edit functions, which are capable of manipulating the output of the system via insertion, replacement, and erasure operations on its symbols, in order to ensure that an outside observer (the intr...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:IEEE transactions on automatic control 2023-09, Vol.68 (9), p.5646-5652
Hauptverfasser: Liu, Rongjian, Lu, Jianquan, Hadjicostis, Christoforos N.
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The enforcement of opacity, a security property concerning information-flow, has been investigated using edit functions, which are capable of manipulating the output of the system via insertion, replacement, and erasure operations on its symbols, in order to ensure that an outside observer (the intruder) does not gain access to critical system information. In this article, we consider situations where an intended receiver may be present and develop attribute-based edit functions, which not only obfuscate the output for the intruder, but also allow the intended receiver (who is assumed to have access to specific additional information) to recover the original output behavior. In our developed edit mechanism, edit functions modify the output by only performing insertion or replacement operations under a carefully chosen replacement regulation. Moreover, the outside observer that satisfies the intended-receiver attribute (i.e., the identity of the observer is the intended receiver) is able to recover the unedited output sequence using its ability to distinguish inserted/replaced symbols, and its knowledge of the replacement regulation. We provide an algorithmic procedure, based on a backtracking technique, to obtain suitable replacement regulations for the attribute-based edit function and the intended receiver.
ISSN:0018-9286
1558-2523
DOI:10.1109/TAC.2022.3220557